'Russian Google' cyber attack with Five Eyes malware

In a press release, Yandex said that no user data was compromised during the attempted cyber attack, which its security team detected and neutralized at an early stage. However, Yandex declined to comment further.

This reaction follows the publication of a Reuters article, according to which Yandex – often presented as the Russian Google because of the similar online services it offers – was the target of a cyber attack carried out by Western intelligence services.

In this case, at the end of 2018, hackers allegedly deployed the Regin malware in an attempt to spy on Yandex user accounts. Regin is not just any malware. It is sophisticated malware described as a modular cyber espionage platform by Kaspersky Lab.

Regin was allegedly created by the National Security Agency (NSA) and its British counterpart GCHQ (Government Communications Headquarters), a supposed authorship that we owe to the revelations of Edward Snowden. It is believed to be a cyber espionage weapon of the Five Eyes, the intelligence alliance between Australia, Canada, the United States, New Zealand and the United Kingdom.

According to anonymous Reuters sources, the hackers secretly maintained access to Yandex for at least several weeks before being detected. Western cyber attacks against Russia are rarely mentioned in public, unlike the reverse.

By targeting developer accounts, the goal was reportedly to obtain technical information on how Yandex authenticates user accounts. Such information could have helped an intelligence agency impersonate a Yandex user and gain access to private messages.

Part of the Regin code found in Yandex systems had reportedly not been deployed in any previously known cyberattack, an element that points to an operation by one of the Five Eyes countries using a version developed from the code uncovered in 2014.

Last year, the context was particularly tense between Russia and the United States, which charged Russian agents with hacking the American Democratic Party and with possible interference in the 2016 American presidential election. According to the New York Times, the United States has also intensified its efforts to ensure a persistent presence in the Russian electricity grid, hence the shadow of a cold cyberwar.